Friends,
The stories below is probably the official party line, in my mind this is another false flag attack designed to stir up hatred of Muslims and begin another war that will further bankrupt the U.S.. This is the sixth major incident in six weeks. 1. The resignation of Pope Benedict and the election of the first Jesuit in history to the papacy Pope Francis. 2. The continued prodding and attacks against Syria, trying to get Syria to attack Israel. 3. The Boston Marathon false flag with its attached para military exercises. 4. The attack on physical Gold and Silver in an attempt to restore faith in the paper fiat dollar 5. The financial grab of citizens money in Greek Cyprus. 6. Cyber attacks on 15 major international banks.
The hackers often
struck late on Fridays, starting about a year ago, sending skeleton crews at
more than a dozen European banks rushing to keep bombardments of digital
gibberish from crashing their websites
Damaging as the bandwidth-choking
attacks were, they were merely smokescreens. Once employees dropped their guard
to fight one attack, hackers struck again, exploiting the openings to steal
account information and create counterfeit debit cards.
One attack was so fast that, within two hours, $9 million
was withdrawn from automated teller machines in 46 cities, according to Francis
deSouza, president of products and services for Symantec Corp (SYMC).,
the Mountain View, California-based information security company thatinvestigated the incidents.
Symantec’s findings show that the attacks, which have been
around for years, have evolved from nuisances causing temporary website outages
into one of the cheapest and most effective ways to rob banks. They’ve become
the online equivalent of a common street hustle, with the initial assault being
the shiny object that distracts bank security teams long enough to pick
customers’ pockets.
Tens of millions of dollars were stolen in the past year in
two-pronged attacks that banks didn’t notice until customers complained or
investigators later uncovered the breaches, said Samir Kapuria, a Symantec vice
president who led the research.
“The problem is everyone is focusing on the fact someone has
set fire to your front yard, and while you’re staring at the front yard someone
is coming in through the back door,” said Tom Kellermann, a former security
specialist with the World Bank and now vice president of cybersecurity for
Trend Micro Inc., a Tokyo-based security software maker.
ING Assault
The attacks targeting
banks are known as distributed denial-of-service, or DDoS, in which hackers
flood a computer system with information to shut it down. While some banks have acknowledged the attacks have damaged
their websites, Symantec’s research shows hackers have reached deeper than
institutions have been willing to acknowledge.
The websites of U.S.
banks were down a record 249 hours in six weeks in February and March, when
they were being heavily attacked, according to Keynote Systems Inc
(KEYN)., a San Mateo, California-based company that measures
websites’ response times.
The U.S. Comptroller of the Currency, in an alert in December, said
DDoS attacks previously regarded as political statements have become part of
broader invasions aimed at compromising customer accounts. It didn’t give
examples and Stephanie Collins, an agency spokeswoman, declined to comment
beyond the alert.
Two Tiers
Symantec’s research focused on European banks, which the
company wouldn’t name, and it’s not clear what losses U.S. banks and their
customers have sustained in similar attacks.
Only Citigroup among the largest U.S. banks has disclosed
losses from DDoS and other cyber attacks to investors this year, and it
characterized them only as “certain limited losses in some instances.”
In one recent combination attack, hackers temporarily
knocked out online banking at Amsterdam-based ING Groep NV (INGA) and
iDEAL, a Dutch e-commerce system that includes the Netherlands’ biggest banks,
on April 5 and sent a wave of e-mails to ING customers during the attack trying
to get them to reveal personal information.
Carolien van der Giessen, a bank spokeswoman, confirmed the
attacks while declining to say whether ING experienced data- theft attacks at
the same time.
Converged Interests
A group calling itself Izz ad-Din al-Qassam Cyber Fighters
has taken responsibility for attacks against Bank of America Corp., JPMorgan Chase & Co
(JPM)., PNC Financial Services
Group Inc (PNC). and others, claiming they were in response to a
video uploaded to Google Inc.’s YouTube ridiculing the Prophet Muhammad and
offending some Muslims.
Iran’s
government and its elite Qods Force were probably behind the attacks,
retaliating against U.S.-led economic sanctions, U.S. Senator Joseph Lieberman,
then chairman of the Homeland Security Committee and now retired, said in
September.
The two-pronged attacks have taken several forms, according
to Kellermann and Synmantec officials who have analyzed their patterns.
In the more common form,
hacking groups plant malicious software inside a bank’s systems, then wait
until they notice another group, such as Izz ad-Din or Anonymous, mounting a
distributed denial-of-service attack. At that point, they swoop in, activate
their software and raid compromised accounts.
Effective Diversions
The approach brings
together unlikely groups: cybercriminals who break into computers to steal
money, and cyberwarriors who hack to make political statements.
“We are already seeing a
convergence of DDoS attacks and fraud -- in some cases by the same actors who
are not the Iranians, but are other opportunistic gangs,” Avivah Litan, a banking-security analyst with Gartner Inc.,
an information- technology researcher based inStamford, Connecticut.
“We are also seeing the different actors borrow, buy and
steal from each other, so that cybercriminals are using cyberwarrior tactics
and code, and cyberwarriors are using cybercriminal tactics and code,” Litan
said. “The big question is whether the nation-state actors, i.e. the Iranians,
will start stealing money out of accounts.”
Some of the more sophisticated Eastern European hackers now
mount both stages of attacks themselves, Kellermann said.
DDoS attacks can be effective diversions because they can
overwhelm fraud-detection systems and banks react strongly to them, out of
concern that prolonged website outages will damage their reputations,
Kellermann said.
Phone Tie-Ups
The two-pronged approach also helps explain why bank
websites often haven’t crashed for more than brief periods: because hackers
don’t want them to.
Often they’ve crippled sites just enough so they can access
target accounts while customers can’t, and therefore won’t notice their money’s
gone until after the attacks end, Litan said.
Many banks are now being hit with assaults on their phone
and data networks at the same time, said Jim Grubb, a vice president at Cisco Systems Inc (CSCO).,
the biggest maker of computer- networking equipment.
The idea is to prevent the banks’ customers from being able
to access their accounts online or over the phone while criminals are
withdrawing money from ATMs or racking up credit- card charges.
At a Cisco conference last year, Grubb described an
attack against a bank’s phone network that prevented customers from calling in
to stop fraudulent transactions.
In some cases, hackers have called banks’ customer-service
centers while online access is down and tricked representatives into wiring
money out of people’s accounts, Gartner’s Litan said.
Botnet Use
The most common type of
DDoS attack involves using “botnets,” or networks of infected computers, to
flood target websites with more traffic than they can handle, said Gunter Ollmann, chief technology officer for IOActive
Inc., a security consultancy.
A more effective technique involves attacking database-
heavy applications, such as a site’s search function. Hackers might only need
one or two computers doing lots of searches to bring down a site, Ollmann said.
A complicated approach involves manipulating the Internet’s
domain-name system to amplify the amount of attack traffic against a target
site. The technique was used to start one of the biggest online attacks ever,
with 300 billion bits per second of traffic hitting the website of Spamhaus, a
European antispam group, on March 15 in retaliation for blacklisting a handful
of accused spammers.
Limited Disclosure
Most of the largest U.S. banks have acknowledged the DDoS
attacks in regulatory filings or annual reports. Most said they didn’t have
material losses or that customer data wasn’t stolen.
None of the top banks have described DDoS attacks combined
with data-theft attempts in the way the Comptroller of the Currency alert
outlined or quantified losses from cyber attacks, though Citigroup, PNC,
JPMorgan Chase, Wells Fargo & Co.
(WFC)and U.S. Bancorp identified DDoS attacks as a material risk.
Citigroup spokesman Andrew Brent declined to comment. PNC
has said the DDoS attacks caused some outages but didn’t lead to theft of
customer data. Spokesman Fred Solomon declined to comment. U.S. Bancorp
spokesman Tom Joyce didn’t respond to messages.
Wells Fargo (WFC) said
one aim of the DDoS attacks was to test banks’ cybersecurity ahead of more
advanced future attacks. JPMorgan Chase described the attackers as
“sophisticated and well-resourced.”
‘Off’ Button
Most banks don’t disclose how much they spend on security,
with JPMorgan Chase being an exception. Chief Executive Officer Jamie Dimon
said in an April 10 letter to shareholders that the company spends $200 million a
year on data security, a figure that will grow “dramatically” over the next
three years, and said more than 600 employees are dedicated to security, a
number expected to rise.
While there’s no shortage of security firms selling products
to help prevent breaches, helping fuel an industry that Gartner estimates will
reach $65.7 billion this year, technology alone can’t prevent all combination
attacks.
To fight two-pronged assaults, banks must have sufficient
staffing across multiple business lines for the duration of the DDoS attacks,
the Comptroller of the Currency, the arm of the U.S. Treasury Department that
regulates banks, said in its Dec. 21 alert.
Banks need denial-of-service protections that go beyond
defenses offered by their network providers, which often can’t detect attacks
on the banks’ specific applications, Gartner’s Litan said. They also need to
increase training for call-center staff to spot suspicious transactions, he
said.
And in the worst-case scenario?
“An emergency ’off’ button to stop all money transfers,”
Litan said. “This should never have to be used but is important to have -- just
in case.”
The link below to NBC news describes the banking cyber attack. Authorities are trying to blame this cyber attack on Iran
http://www.nbcnews.com/video/nightly-news/51435096#51435096
Islamist-hackers in the the Middle East and Maghreb are planning to launch cyberattacks against U.S. government agencies, banks and companies this week, according to the Department of Homeland Security.
The attacks, labeled #OpUSA (standing for “Operation
USA”), and reportedly done in the name of the famed hacker group Anonymous, are
slated to commence Tuesday.
“OpUSA poses a limited threat of temporarily disrupting
U.S. websites,” the DHS bulletin stated, adding that the hackers will employ
such tools as “nuisance-level” strikes, as well as disabling website and
defacing them temporarily.
“Some
of the participants possess only rudimentary hacking skills,” DHS stated. The
Washington Times adds:
More dangerous, though, is the
developing alliance the organization of the attacks seems to presage between
criminal hackers and violent Islamic extremists.
The bulletin notes that the attacks
are being promoted by the moderators of websites and discussion forums that
host al Qaeda and other Islamic extremist material, in addition to calls
through more conventional hacker channels like the bulletin board Pastebin.
This collaboration may “signal an
emerging trend of Middle East- and North Africa-based criminally motivated
hackers collaborating with others regardless of their motivation,” like Islamic
extremists, states the bulletin.
According to DHS, “Middle East and North-Africa-based
criminal hackers will continue issuing public statements to announce cyber
attack plans against high-profile targets,” but said it is monitoring
information as well as potential alliances formed between Anonymous and
jihadists.
DHS noted that future statements made by either jihadist
or cyber-attacker online feeds “may provide insight into whether these [hacker]
groups are radicalizing toward violence and whether they would potentially
partner with or conduct attacks on behalf of violent extremists.”
Anonymous
is, of course, no stranger to controversy nor to siding with dubious entities.
Earlier in the month the hacker group launched a wave of cyber attacks against
Israeli websites in the name of freeing the Palestinian people.
No comments:
Post a Comment